Skip to content

Security: percona/pmm

SECURITY.md

Security Policy

Supported Versions

PMM versions starting from v2.0.0 are currently being supported.

Version Supported
1.x.x
2.x.x

Reporting a Vulnerability

Please report any vulnerabilities to our project in Jira.

If the vulnerability is accepted and confirmed by our experts, you should normally expect us to deliver a version with a fix according to the timelines provided below:

For Percona created software (our engineers wrote the code):

  • Low/Medium: 120 days
  • High: 90 days
  • Critical: ASAP but should not exceed 30 days

For Non-Percona created software (upstream provided/packaged) from the time the vendor releases a patch:

  • Low/Medium: 2nd release from current version
  • High: Next release
  • Critical: Hotfix or no later than next release (our regular release cadence is once every month)

There aren’t any published security advisories